Cifs Access Denied

[Yamanipanuchi]

So I have Freenas 9.2.1.7 running (Can give PC info if requested). Setup a new Dataset with Read/Write access set and shared it out via CIFS. When I goto to do a RoboCopy I get the following for each file it tried to copy...

2014/10/29 20:06:53 ERROR 5 (0x00000005) Accessing Destination Directory s:\Temp
Access is denied.

Robocopy command I am using is...

robocopy BackupDrive s:\ /mir /w:0 /r:0 /copy:DT /fft /b

I've tried multiple other combinations with the command line with the same result.

When I do a manuel copy via explorer it seems to work correctly, But because of the large file count and size it is very hard to coordinate

Any Ideas out there? Thanks in advance. :D

 

[anodos]

You should enclose commands in code brackets so that you don't end up with rand emoticons.

Post following:

• Smb4.conf (located in /usr/local/etc)
• Output of 'zfs list'
• Output of 'getfacl [directory] for your share's root directory.

 

[Yamanipanuchi]

I upgraded my system to 9.2.1.8 thinking maybe it was just some odd bug, Didnt fix it...

/usr/local/etc/smb4.conf

Code:

[global]
    server max protocol = SMB2
    encrypt passwords = yes
    dns proxy = no
    strict locking = no
    oplocks = yes
    deadtime = 15
    max log size = 51200
    max open files = 11070
    load printers = no
    printing = bsd
    printcap name = /dev/null
    disable spoolss = yes
    getwd cache = yes
    guest account = nobody
    map to guest = Bad User
    obey pam restrictions = Yes
    directory name cache size = 0
    kernel change notify = no
    panic action = /usr/local/libexec/samba/samba-backtrace
    server string = FreeNAS Server
    ea support = yes
    store dos attributes = yes
    hostname lookups = yes
    time server = yes
    acl allow execute always = true
    local master = yes
    idmap config *:backend = tdb
    idmap config *:range = 90000000-100000000
    server role = standalone
    netbios name = FREENAS
    workgroup = WORKGROUP
    security = user
    pid directory = /var/run/samba
    smb passwd file = /var/etc/private/smbpasswd
    private dir = /var/etc/private
    create mask = 0666
    directory mask = 0777
    client ntlmv2 auth = yes
    dos charset = CP437
    unix charset = UTF-8
    log level = 1


[Storage]
    path = /mnt/MainVolume/Storage
    printable = no
    veto files = /.snap/.windows/.zfs/
    writeable = yes
    browseable = yes
    recycle:repository = .recycle/%U
    recycle:keeptree = yes
    recycle:versions = yes
    recycle:touch = yes
    recycle:directory_mode = 0777
    recycle:subdir_mode = 0700
    vfs objects = zfsacl streams_xattr aio_pthread
    hide dot files = yes
    guest ok = yes
    nfs4:mode = special
    nfs4:acedup = merge
    nfs4:chown = yes
    zfsacl:acesort = dontcare

zfs list

Code:

MainVolume                                                   799G  1.24T   365K  /mnt/MainVolume
MainVolume/.system                                          5.54M  1.24T   402K  /mnt/MainVolume/.system
MainVolume/.system/cores                                     648K  1.24T   648K  /mnt/MainVolume/.system/cores
MainVolume/.system/rrd-8804f1b896584f63bf1761b796154c18      328K  1.24T   328K  /mnt/MainVolume/.system/rrd-8804f1b896584f63bf1761b796154c18
MainVolume/.system/samba4                                   3.50M  1.24T  3.50M  /mnt/MainVolume/.system/samba4
MainVolume/.system/syslog-8804f1b896584f63bf1761b796154c18   712K  1.24T   712K  /mnt/MainVolume/.system/syslog-8804f1b896584f63bf1761b796154c18
MainVolume/Storage                                           799G  1.24T   799G  /mnt/MainVolume/Storage

getfacl /mnt/MainVolume/Storage

Code:

# file: /mnt/MainVolume/Storage/
# owner: root
# group: wheel
            owner@:rwxp--aARWcCos:------:allow
            group@:rwxp--a-R-c--s:------:allow
         everyone@:rwxp--a-R-c--s:------:allow

Hopefully this just points out something simple I keep missing. Thanks again for any help!

 

[anodos]

• Make your CIFS user owner of the dataset "Storage".
• Once you've done that, navigate to \\freenas. right-click on "Storage", click on "properties", then "security".
• Add modify permissions to your group.

 

[Yamanipanuchi]

Perfect, Solution made perfect sense. Tried it. Worked!

Thanks so much for the assistance!

 

[anodos]

No problem. Setting permissions is relatively simple. People usually get themselves in trouble by:
1) googling samba howtos.
2) doing stuff that worked back in the samba 3.x days
3) having requirements that prevent them using acls and falling back to (1) or (2).